The Office of the Inspector General, Audit Division, has completed an audit of compliance with standards
governing Combined DNA Index System (CODIS) activities at the Orange County Sheriff-Coroner Forensic Science
Services (Laboratory). CODIS is a national computerized information repository maintained by the FBI that
permits the storing, maintaining, tracking, and searching of DNA specimen information in order to facilitate
the exchange of DNA information by law enforcement agencies. Laboratories that participate in CODIS perform
DNA analysis on specimens from convicted offenders or crime-scene evidence. These laboratories use special
software, provided free of charge by the FBI, to organize and manage the DNA profiles and related information.
The software also compares DNA profiles from participating laboratories and notifies the appropriate laboratories
when two or more DNA profiles match.

The DNA Identification Act of 1994 authorized CODIS and specified several standards for laboratories that
contribute profiles to the FBI National DNA Index System (NDIS). Each participating laboratory must certify
that it is performing DNA analysis in compliance with the FBI standards governing laboratory operations.
Further, a Memorandum of Understanding (MOU) was enacted between the FBI and state laboratories establishing
the responsibilities of each party as part of CODIS. The MOU establishes general and specific standards that
are to be followed by a laboratory in order to participate in CODIS and utilize NDIS, including the upload of
DNA profiles to NDIS.

Our audit generally covered the period from May 1999 through May 2001. The overall objective of the audit was
to determine the extent of the Laboratoryís compliance with standards governing CODIS activities. To address
the overall objective, we considered:

the extent to which the Laboratory complied with the FBI NDIS participation requirements,

the extent to which the Laboratory complied with federally legislated Quality Assurance Standards (QAS)
for laboratories, and

the appropriateness of the Laboratoryís DNA profiles contained in CODIS databases.

We found that the Laboratory complied with standards governing CODIS activities that we tested with the
following exceptions:

With respect to the QAS for laboratories, we noted that the Laboratory did not follow their internal
equipment calibration policy. Our review indicated that a thermalcycler was calibrated on a bi-monthly basis
rather than once a month as required by the Laboratoryís own policies. We further noted that three DNA analysts
did not undergo external proficiency testing within the interval required by the QAS.

With respect to the Laboratoryís DNA profiles contained in CODIS databases, we noted that, of the 50
profiles reviewed, the Laboratory uploaded 2 DNA profiles to NDIS that it should not have, uploaded 1 profile
that was incomplete, and uploaded 1 profile that did not accurately reflect the results of analysis. The NDIS
requirements prohibit laboratories from uploading DNA profiles that are unambiguously attributable to a victim
or to known individuals other than the suspected perpetrators. We found that one record matched the DNA profile
of a crime victim and the second record matched the DNA profile of the victimís common law husband (not a suspect).
Given the sensitivity surrounding the collection and usage of DNA, we consider every instance involving the
uploading of inappropriate profiles to be significant.

Officials stated that they have recently initiated a proficiency test tracking system that will monitor each
analystís examination scheduling status. Based on this information, analysts will be notified by Laboratory
management when they must begin their next proficiency examination. In addition, Laboratory management stated
that they intend to review all case profiles currently entered into the database to determine their
appropriateness and will delete all profile entries determined to be inappropriate.

The audit results are discussed in greater detail in the Findings and Recommendations section of the report.
Appendix I discusses our audit scope and methodology. Appendix II provides the audit criteria. Appendix III
contains general background information. Appendix IV covers the history and status of DNA testing and CODIS use
at the Laboratory.